Date: Wed, 11 Feb 1998 14:37:50 -0800 From: David Greenman <dg@root.com> To: 026809r@dragon.acadiau.ca Cc: shovey@buffnet.net, freebsd-questions@FreeBSD.ORG Subject: Re: Security Message-ID: <199802112237.OAA23205@implode.root.com> In-Reply-To: Your message of "Wed, 11 Feb 1998 18:06:48 -0400." <199802112206.SAA24704@scifair.acadiau.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
>> > Is FreeBSD C2 security standards compliant ?? If so, what version did
>> > these security features debut ??
>>
>> No it is not - I believe to be C2 you must not be able to gain access to
>> the disks even from the console of the machine itself without a valid
>> userid and password - and with FreeBSD you can boot with -s to bring it up
>> standalone as root.
>If this is the only thing FreeBSD needs to be C2 compliant, maybe someone
>could come up with some kind of fix where your username and password can
>optionally be put in the boot block so you need it to give any startup
>options on bootup. Then use the bios to stop flopy bootups. Would that
>satisfy the requirements?
From the init(8) manual page:
If the console entry in the ttys(5) file is marked ``insecure'', then
init will require that the superuser password be entered before the sys-
tem will start a single-user shell. The password check is skipped if the
console is marked as ``secure''.
-DG
David Greenman
Core-team/Principal Architect, The FreeBSD Project
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199802112237.OAA23205>